An attach-srv config line usually looks like this:
tcp-request session attach-srv be/srv name ssl_c_s_dn(CN)
The name is a key that is used when looking up connections in the
connection pool. Without this patch you'd get an error if you passed
anything other than "ssl_c_s_dn(CN)" as the name expression. Now you can
pass arbitrary expressions and it will just warn you if you aren't
producing a configuration that is RFC compliant.
I'm doing this as I want to use `fc_pp_unique_id` as the name.
---
src/tcp_act.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/tcp_act.c b/src/tcp_act.c
index a88fab4af..4d2a56c67 100644
--- a/src/tcp_act.c
+++ b/src/tcp_act.c
@@ -522,8 +522,7 @@ static int tcp_check_attach_srv(struct act_rule *rule,
struct proxy *px, char **
if ((rule->arg.attach_srv.name && (!srv->use_ssl || !srv->sni_expr)) ||
(!rule->arg.attach_srv.name && srv->use_ssl && srv->sni_expr)) {
- memprintf(err, "attach-srv rule: connection will never be used;
either specify name argument in conjunction with defined SSL SNI on targeted
server or none of these");
- return 0;
+ ha_warning("attach-srv rule: connection may never be used;
usually name argument is defined SSL SNI on targeted server or none of these");
}
rule->arg.attach_srv.srv = srv;
--
2.34.1
